
# NixOS module for systemd-vaultd: declares the socket-activated daemon,
# imports the companion vault-secrets module and overrides the systemd package.
{ pkgs
, ...
}:
let
  # Daemon package, built from the default.nix two directories up.
  vaultdPkg = pkgs.callPackage ../../default.nix { };
in
{
  imports = [
    ./vault-secrets.nix
  ];

  systemd = {
    # Replaces the system-wide systemd with the build from ../pkgs/systemd.nix.
    # NOTE(review): the reason for the override is not visible here. A custom
    # systemd has to be kept current with upstream security fixes; confirm what
    # ../pkgs/systemd.nix changes and whether it is still needed.
    package = pkgs.callPackage ../pkgs/systemd.nix { };

    sockets.systemd-vaultd = {
      description = "systemd-vaultd socket";
      wantedBy = [ "sockets.target" ];
      socketConfig = {
        ListenStream = "/run/systemd-vaultd/sock";
        # Owner root with mode 0600: only root may connect to the socket.
        # Loosening either value widens who can talk to the daemon.
        SocketUser = "root";
        SocketMode = "0600";
      };
    };

    services.systemd-vaultd = {
      description = "systemd-vaultd daemon";
      # Bound to its socket unit: required by, and ordered after, it.
      requires = [ "systemd-vaultd.socket" ];
      after = [ "systemd-vaultd.socket" ];
      # Restarting can break services waiting for secrets.
      # With stopIfChanged = false a changed unit is restarted in one step
      # (systemctl restart) rather than stopped in the old configuration and
      # started in the new one.
      stopIfChanged = false;
      serviceConfig = {
        # No User= or sandboxing options are set, so the daemon runs with the
        # defaults of a system service.
        # NOTE(review): check which hardening options (e.g. NoNewPrivileges=,
        # ProtectSystem=) the daemon tolerates before adding any. What it
        # reads and writes is not visible in this file.
        ExecStart = "${vaultdPkg}/bin/systemd-vaultd";
      };
    };
  };
}